saihemanth-cloudera commented on code in PR #5343:
URL: https://github.com/apache/hive/pull/5343#discussion_r1767398410
##########
ql/src/test/org/apache/hadoop/hive/ql/security/authorization/plugin/metastore/TestHiveMetaStoreAuthorizer.java:
##########
@@ -439,4 +470,66 @@ public void testUnAuthorizedCause() {
.anyMatch(stack ->
stack.contains(DummyHiveAuthorizer.class.getName())));
}
}
+
+ /**
+ * @return pair with left value as inputs and right value as outputs,
+ * passed in current call to authorizer.checkPrivileges
+ * @throws HiveAuthzPluginException
+ * @throws HiveAccessControlException
+ */
+ private Pair<List<HivePrivilegeObject>, List<HivePrivilegeObject>>
getHivePrivilegeObjectInputs() throws HiveAuthzPluginException,
+ HiveAccessControlException {
+ // Create argument capturer
+ // a class variable cast to this generic of generic class
+ Class<List<HivePrivilegeObject>> class_listPrivObjects = (Class)
List.class;
+ ArgumentCaptor<List<HivePrivilegeObject>> inputsCapturer = ArgumentCaptor
+ .forClass(class_listPrivObjects);
+ ArgumentCaptor<List<HivePrivilegeObject>> outputsCapturer = ArgumentCaptor
+ .forClass(class_listPrivObjects);
+
+ verify(dummyHiveAuthorizer).checkPrivileges(any(HiveOperationType.class),
+ inputsCapturer.capture(), outputsCapturer.capture(),
+ any(HiveAuthzContext.class));
+
+ return new ImmutablePair<List<HivePrivilegeObject>,
List<HivePrivilegeObject>>(
+ inputsCapturer.getValue(), outputsCapturer.getValue());
+ }
+
+ @Test
+ public void testCreateTab() {
+ reset(dummyHiveAuthorizer);
+
UserGroupInformation.setLoginUser(UserGroupInformation.createRemoteUser(authorizedUser));
+ try {
+ Map<String, String> tableParams = new HashMap<String, String>();
+ tableParams.putIfAbsent("owner", "systest");
+ tableParams.putIfAbsent("external.table.purge", "true");
+ tableParams.putIfAbsent("current-schema", "{\"type\" :\"struct\",
\"schema-id\":0, \"fields\":[{\"id\": 1, \"name\" :\"id\", \"required\":false,
\"type\":\"int\"}, {\"id\":2, \"name\":\"txt\", \"required\":false,
\"type\":\"string\"}]}");
+ tableParams.putIfAbsent("storage_handler",
"org.apache.iceberg.mr.hive.HivelcebergStorageHandler");
+ tableParams.putIfAbsent("uuid", "c229e4b5-d1f8-4239-adeb-cb43d0f1d209");
+ tableParams.putIfAbsent("EXTERNAL", "TRUE");
+ tableParams.putIfAbsent("metadata_location",
"hdfs://clustername/warehouse/tablespace/external/hive/icespark/metadata/00000-fa77f11c-6b5d-4da3-ae99-de907e525fbb.metadata.json");
+ tableParams.putIfAbsent("snapshot-count", "0");
+ tableParams.putIfAbsent("table_type", "ICEBERG");
+ Table table = new TableBuilder()
+ .setTableName(tblName)
+ .addCol("name", ColumnType.STRING_TYPE_NAME)
+ .setOwner(authorizedUser)
+ .setTableParams(tableParams)
+ .build(conf);
+ hmsHandler.create_table(table);
+ Pair<List<HivePrivilegeObject>, List<HivePrivilegeObject>> io =
getHivePrivilegeObjectInputs();
+ List<HivePrivilegeObject> outputs = io.getRight();
+ List<HivePrivilegeObject> inputs = io.getLeft();
+ assertEquals("No outputs for a select", 2, outputs.size());
+ assertEquals("One input for this select", 0, inputs.size());
+ for (HivePrivilegeObject hivePrivilegeObject : outputs){
+
assertTrue(hivePrivilegeObject.getObjectName().contains("storage_handler"));
+ }
+
+ } catch (Exception ex) {
+ String[] rootCauseStackTrace = ExceptionUtils.getRootCauseStackTrace(ex);
+ assertTrue(Arrays.stream(rootCauseStackTrace)
+ .anyMatch(stack ->
stack.contains(DummyHiveAuthorizer.class.getName())));
Review Comment:
nit: This is not required. We don't expect an exception here. It would be
better to re-throw the exception or take out the whole try/catch statement
altogether.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: gitbox-unsubscr...@hive.apache.org
For queries about this service, please contact Infrastructure at:
us...@infra.apache.org
---------------------------------------------------------------------
To unsubscribe, e-mail: gitbox-unsubscr...@hive.apache.org
For additional commands, e-mail: gitbox-h...@hive.apache.org
